- Air-gapped computers—once considered immune to remote hacking—are now at risk. Researchers at Ben-Gurion University have discovered new techniques that allow attackers to breach these isolated systems, which were previously thought to be nearly invulnerable due to their disconnection from external networks.
- The emerging methods exploit the physical characteristics of these machines, revealing a new frontier in cybersecurity vulnerabilities. This breakthrough could change how organizations protect their most sensitive data, forcing them to rethink air-gapped solutions.
Air-gapped computers, once touted as the most secure method of protecting sensitive data, these systems are no longer considered impenetrable. Air-gapped computers were known to be self-contained, out of the reach of any outside network so they were also assumed safe from external hacking. However, The Researchers from Ben-Gurion University put one more question ‘How secure are they from internal threats?’ into these issues.
So far, air-gapped computers have been restricted to use by government agencies, banking and financial institutions, and some research bodies. Their disconnection from the web and other networks though made them out of reach. However, resourceful or out-of-the-box thinking hackers have inside fights and shut off this seclusion by simply employing certain technical features of such devices. The Ben-Gurion University analysis showed it was possible to use electromagnetic waves, sound waves, and light pulses emitted from computer components to “communicate back” from air-gapped systems, targeting nearby devices and facilitating secret information withdrawal.
One of these methods, researched by Ben-Gurion University, consists of sending envelopes of data to a device that is controlled by a hacker, usually placed within the vicinity of the machine, through the alteration of fan speeds or screen brightness levels. Another method uses the radiation emitted from the processors, and this radiation can be picked up by some devices and the hidden pictures turned into conventional pictures. These practices are a very advanced degree of development on the part of the adversary’s capabilities, where the success of obtaining the system is no longer dependent on the absence of the intruder within the facility, but rather on its intrusion into the air-gapped systems.
Although these attacks are orbital, meaning they take a lot of plans and resources, the simple fact that such threats have emerged fundamentally invalidates air-gap security on the very basic level. It is clear what this means: no solution is impenetrable against vigorous and calculated agression by criminals in cyberspace.
Read More: Bizholding’s AI Revolution Hinges on Nvidia: Will It Pay Off?
It may well be necessary for organizations currently employing air-gapped systems to protect easily targetable delicate information to understand that such systems may not work as intended. It may well become necessary to help solve these problems, expansion of such access standards, shortening of intervals of hardware diagnostics and monitoring and environmental protection measures (for instance, cages of Faraday), etc.
These vulnerabilities exposed by Ben-Gurion University are groundbreaking. Cyber security as we know, reached a new frontier. As hackers advance their tactics, the defenders also have to come up with new defenses all the time. While air-gapping computers still provide a higher level of security, than non-isolated systems, they are not foolproof anymore. When nations started fighting for domination over cyberspace and everything that is connected to it, there was a race that organizations were not prepared for and are still trying to catch up on.
What is your reaction?
